Overview

FieldValue
ID1026
NameDelete namespaces
Risk CategoryDenial of Service
Risk LevelHigh
Role TypeClusterRole
API Groupscore
Resourcesnamespaces
Verbsdelete
TagsDenialOfService NamespaceLifecycle ResourceDeletion

Description

Permits deleting entire namespaces from the cluster. This is a destructive action that can lead to a significant denial of service by removing all resources, applications, and configurations within the targeted namespaces.

Abuse Scenarios

  1. Delete a specific namespace and all its resources.
kubectl delete namespace <namespace-name>
# Example: kubectl delete namespace production